Joe Richker Page 1 8/8/2008

jrichker@yahoo.com

IP Subnetting for the Masses

Or

How a 12 year old kid can subnet the most

complex network.

Joe Richker Page 2 8/8/2008

jrichker@yahoo.com

IP subnetting is the most feared part of working with TCP/IP for many people. The complexity of managing the binary

math method of dividing a network into smaller networks, or subnetting, is cumbersome and unwieldy. However, there is

a simpler way, and it doesn’t use strange numerical formats to represent ordinary numbers.

A little review is in order first to make sure we understand the basics. IP networks are described the numerical format:

aaa.bbb.ccc.ddd. This format is called dotted decimal notation. The networks are categorized into 5 different groups:

Class A, B, C, D & E. Class A networks have their address range from 1-126, Class B from 128-191, Class C from 192-

223, Class D from 224-239, Class E from 240-255.

Let’s deal with the odd ducks first and get them out of the way. Class D networks (224-239) are used for multicast

functions were data is sent from one transmitter to many receivers. A lot like TV, but no commercials or pitch men. Class

E (240-254) networks are labeled as “experimental”, what anyone would be experimenting with, we can only guess.

Some of the numbers & ranges of numbers have reserved or special functions. The number 127.0.0.1 is reserved for

loopback testing. The range 127.bbb.ccc.ddd is also reserved for “special functions”. The address 255.255.255.255 is the

broadcast address which transmits data intended for every station to receive.

Ok, now that our ducks are wadding off in a uniform direction, let’s work with what’s left. A network address is

comprised of two parts, a network and a host. A host is an end unit, be it a computer, router, switch, or other device. A

network is a numerical address that represents groups of hosts. There are a maximum number of hosts per networks and

that number is always a power of 256. Class C networks are limited to 256 hosts. Class B networks are limited to 65536

(256 x 256). Class A networks are limited to 16,711,680 (256 x 256 x 256) hosts.

Class A networks (1-126) use the “aaa” group of numbers in the format aaa.bbb.ccc.ddd to represent the network. The

bbb.ccc.ddd portion of the address represents the host part of the network. That means there can be up to 126 separate

networks with 16,711,680 hosts per network (256 x 256 x 256 hosts).

Class B networks (128-191) use the aaa.bbb group of numbers in the format aaa.bbb.ccc.ddd to represent the network.

The ccc.ddd portion of the address represents the host part of the network. That means there can be up to 63 separate

networks with 65,536 hosts per network (256 x256 hosts).

Class C networks (192-223) use the aaa.bbb.ccc group of numbers in the format aaa.bbb.ccc.ddd to represent the network.

The .ddd portion of the address represents the host part of the network. That means there can be up to 31 separate

networks with 256 hosts per network.

Each of the 3 address classes A, B & C, have a range of addresses that are not routable on the Internet. Routers that

connect directly to the Internet know that the “private” addresses are not allowed to pass through them to the Internet.

These “private” addresses allow organizations to allocate and control addresses that they do not share with the outside

world. A private network segregates internal network traffic from the outside world and can be used to both reduce the

number of public addresses required and protect the internal network structure from invasion.

For class A networks, the private address range is 10.0.0.0 to 10.255.255.255, for 1 network with 16,777,216 possible

host addresses.

Class B networks use 172.16.0.0 through 172.31.255.255 for 15 networks with a maximum of 65536 possible host

addresses per network.

Class C networks use 192.168.0.0 through 192.168.255.255 for 255 networks with a maximum of 256 possible host

addresses per network

Now for the throwaways: the first host and last host numbers on a subnet are not useable. The first host number of a

subnet is the “name” or subnet identifier of the subnet and the last host number is the broadcast address for that subnet.

That means that the actual number of hosts on a subnet is always 2 less than the mathematically calculated value.

For the purposes of this discussion, a network group will be a collection of subnets arranged in contiguous numerical

sequence with a starting address and ending address.

Now we will deal with “Masks”: masks either hide or divide.

The network part of a mask hides and is always 255. For a class A network (1-126), the default mask is 255.bbb.0.0 a

class B network (128-191) is 255.255.ccc.0, a class C network (192-223) is 255.255.255.ddd.

Joe Richker Page 3 8/8/2008

jrichker@yahoo.com

The host part of a mask divides and can be any multiple of a power of 2. Dividing a large single block of hosts into

smaller groups (subnetting) allows us to manage them more easily. With small groups, it is simpler to direct and control

the flow of data to the hosts.

For class A hosts, the default mask is 255.bbb.0.0, class B default mask is 255.255.ccc.0, and a class C default mask is

255.255.255.ddd. Note that only one of the host mask groups can be divided. If you divide group bbb, you cannot divide

ccc, or ddd. Likewise, if you divide ddd, you cannot divide bbb or ccc. If you did divide more than one group, you would

lose some of the hosts in the process. Lost hosts are not good, they tend to become unmanageable.

Any part of a mask that is not hidden (part of the network mask) can be divided. The process will always be to divide

256 into a smaller number using a number that is a power of 2, such as 2, 4, 8, 16, etc.

Simple powers of 2:

2

2

= 4

2

9

= 512

2

3

= 8

2

10

= 1024

2

4

= 16

2

11

= 2048

2

5

= 32

2

12

= 4096

2

6

= 64

2

13

= 8192

2

7

= 128

2

14

= 16384

2

8

= 256

2

15

= 32768

2

16

= 65536

The first step is to create the masks: the mask table starts from the bottom and goes to the top.

254 is the largest possible mask, so it will be the last entry in our mask table. All the remaining masks will be less than

254.

254 – is the bottom entry in the mask table.

254 - 2

1

= 254 - 2 = 252

252 - 2

2

= 252 - 4 = 248

248 - 2

3

= 248 - 8 = 240

240 - 2

4

= 240 - 16 = 224

224 - 2

5

= 224 - 32 = 192

192 - 2

6

= 192 - 64 = 128

128 - 2

7

= 128 -128 = 0

0 is the top entry in our mask table.

Now divide 256 by powers of 2 to create the subnets from the top down.

256/2

8

= 256/256 = 1

256/2

7

= 256/128 = 2

256/2

6

= 256/64 = 4

256/2

5

= 256/32 = 8

256/2

4

= 256/16 = 16

256/2

3

= 256/8 = 32

256/2

2

= 256/4 = 64

256/2

1

= 256/2 = 128

Once the number of subnets have been calculated, the number of hosts per subnet it the next step. Hosts are inserted in the

table from the top down.

256/1 = 256

256/2 = 128

256/4 = 64

256/8 = 32

256/16 = 16

256/32 = 8

256/64 = 4

256/128 = 2

Joe Richker Page 4 8/8/2008

jrichker@yahoo.com

Always remember that the actual number of hosts is 2 less that the calculated number shown above- hence the (n-2)

notation. That is because the first host address on a subnet is the subnet “name” or identifier, and the last host address

on a subnet is the broadcast address.

Subnets will always start on an even numbered boundary, and end on an odd numbered boundary.

Here’s the completed table:

Mask

Subnets

Class C

Hosts

(256 x1)

(n-2)

Class B

Hosts

(256x 256)

(n-2)

Class A

Hosts

(256 x 256 x256)

(n-2)

0

1

254

65534

16777214

128

2

126

32766

83886086

192

4

62

16382

4194302

224

8

30

8190

2097150

240

16

14

4094

1048574

248

32

6

2046

524886

252

64

2

1022

262142

254

128

N/A

510

131070

If memorizing the table seems like too much effort, all you have to remember is the number 256 and how to do simple

powers of 2. A class C network has 256 hosts, a class B network has 256 x 256 hosts, or 65536 hosts, and a class A

network has 256 x 256 x 256 or 16,777,218 hosts

The number of subnets are always incrementing by the power of 2. The number of hosts on a subnet are the result of

dividing 256 (or a multiple of 256 in the case of class A & B networks) by the number of subnets. Remember that the

number of subnets will always be a power of 2.

The result of hosts multiplied by subnets is always equal to a multiple of 256, whether it is 256 (256 x 1) or 65536

(256 x256) or 16,777,216 (256 x 256 x256).

It is also true that by dividing the multiple of 256, whether it is 256 (256 x 1) or 65536 (256 x256) or 16,777,216 (256

x 256 x256) by the number of subnetworks gives the number of hosts.

Inversely, dividing the multiple of 256, whether it is 256 (256 x 1) or 65536 (256 x256) or 16,777,216 (256 x 256

x256) by the number of hosts gives the number of subnetworks.

Example: network is class C, 193.0.0.0, and you need 4 networks. How many hosts do you have?

256/4 = 64 hosts – 2 is 62 hosts per subnet.

Example: network is class C, 193.10.10.0, and you want a minimum of 24 hosts per network. The nearest power of 2 is

32, so you have 32 hosts. Divide 256 by 32 and you get 8 subnets. Remember to subtract 2 hosts from each subnet for a

total of 30 hosts per subnet and 8 subnets.

Class B networks operate in a similar manner, except the results are 256 times larger.

The class B network 150.100.0.0 requires 64 subnets: how many hosts will there be per subnet? Divide 256 by 64

networks gives 4, and 4 x 256 is 1024. Subtracting 2 from 1024 gives you 1022 hosts per subnet.

The class B network 171.200.100.0 needs a minimum of 3000 hosts per subnet. How many subnets will there be? The

answer is to first determine the nearest number of hosts that fit the puzzle. What is the nearest power of 2 that is greater

than 3000? It is 2 to 12

th

power, or 4096. Dividing 65,536 (256 x256) by 4096 gives 16 subnets. The end result is 16

subnets with 4094 host per subnet (4096 -2 = 4094)

Now for the really sticky part…

You have a class C network address of 193.100.80.55 with a mask of 255.255.255.248. What are the network and

broadcast addresses for the network that .55 is a member of? Easy – a mask of 255.255.255.248 breaks down into 3

Joe Richker Page 5 8/8/2008

jrichker@yahoo.com

groups of network addresses (aaa.bbb.ccc) and one group of host addresses (.ddd). Remember that network part of the

mask hides and the host part of the mask divides. The 248 is the only part of the mask we need to be concerned about.

With a class C network, a mask of 248 gives us 32 subnets with 8 hosts. However, on each network, the first address is

the subnet identifier and last address is the broadcast address.

Some things to remember…

Host number divided by the number of hosts per subnet gives us the network group plus the remainder.

Subtracting the remainder from the host number tells us where the start of the network is and the offset of the host

from the start.

Subtract 1 from the number of hosts per subnet and add the result to the start of the subnet and you get the broadcast

address.

Add 1 to the result of dividing the number of hosts by the number of networks. This is because the networks start

counting with 0, not 1. The result will give you the number of networks you are offset from the start of the network

range.

Always use the class C hosts and network numbers when calculating the network group and remainder, even when

working with class A & B networks.

Now do the math…

Using our class C network 193.100.80.55 with a mask of 255.255.255.248:

55 is the node number and there are 8 hosts per subnet with a 248 mask.

Host number divided by the number of hosts per subnet gives us the network group plus the remainder. Therefore, 55/8 =

6, remainder of 7.

Subtracting the remainder from the host number tells us where the start of the subnet is and the offset of the host from the

start. Then 55- 7 = 48, the start of the subnet.

Subtract 1 from the number of hosts per subnet and add the result to the start of the subnet and you get the broadcast

address. With a 248 mask, that means there are 8 hosts: so 8 - 1 = 7. The broadcast address is 48 + 7 = 55. So 55 is the

broadcast address for that subnet.

Then 6 (network group) +1 (because we started counting at 0) = 7, network is the 7

th

network group and starts with host

48 and ends with host 55.

You have a class C network address of 193.100.80.116 with a mask of 255.255.255.240. What are the network and

broadcast addresses for the network group that host 193.100.80.116 is a member of?

With a 240 mask, there are 16 hosts

116/16 = 7, remainder of 4.

Now 116 – 4 = 112, the network identifier

Using our 16 hosts per subnet, then 16 - 1 = 15.

112 + 15 = 127, the broadcast address

Then 7 (network group) +1 (because we started counting at 0) = 8, network is the 8

th

network group and starts with host

112 and ends with host 127.

Class B networks operate in the same manner: using 150.190.0.0 with a mask of 255.255.224.000, what network group is

host 150.190 .135.50 a part of and what are the subnet identifier and broadcast addresses?

Since this is a class B network (150.190.ccc.ddd), our subnet identifier will be first possible address on the subnet in the

form of 150.190.ccc.0. The broadcast addresses will be the last possible address on the subnet in the form of .ccc.255

With a 224 mask, we get 8 networks with 32 hosts per network. Remember to use the class C hosts & network figures.

135/32 = 4, remainder of 7

135- 7 =(150.190.)128.0, the network identifier (our network identifier will be first possible address on the subnet in the

form of 150.190.ccc.0.)

Using our 32 hosts per network, then

32 – 1 = 31

128 + 31 =(150.190.)159.255, the broadcast address (the broadcast addresses will be the last possible address on the

subnet in the form of .ccc.255).

Joe Richker Page 6 8/8/2008

jrichker@yahoo.com

Then 4 (network group) +1 (because we started counting at 0) = 5

th

network group that starts with subnet 128 and ends

with subnet 159.

Since this is a class B network, the network will have 65,534 hosts, and with a 224 mask, there will be 8,190 hosts per

network group.

Class A networks are similar to class B & C in the way they divide up. With a network of 12.0.0.0 and a mask of

255.252.0.0, what network group is host 12.135.100.100 a member of and what are the subnet identifier and broadcast

addresses for the subnet that it resides on?

Since this is a class A network (12.bbb.ccc.ddd), our subnet identifier will be first possible address on the subnet in the

form of 12.bbb.0.0. The broadcast addresses will be the last possible address on the subnet in the form of 12.bbb.255.255

With a 252 mask, we get 64 subnets with 4 hosts per network. Remember to use the class C hosts & network figures.

135/4 = 33 with a remainder of 3

135 – 3 = (12.)132.0.0, the subnet identifier (our subnet identifier will be first possible address on the subnet in the form

of 12.bbb.0.0.)

Using our 4 hosts per network, then

4 – 1 = 3

132 + 3 = (12.) 135.255.255, the broadcast address (the broadcast addresses will be the last possible address on the subnet

in the form of 12.bbb.255.255.).

The network is the 33

rd

network group that starts with subnet 132 and ends with subnet 135.

Since this is a class A network, the network will have 16,777,214 hosts, and with a 252 mask, there will be 262,142 hosts

per network group.

CIDR notation in place of masks.

CIDR (Classless Internet Domain Routing) is another way to describe a mask. Instead of having a mask in the format

aaa.bbb.ccc.ddd, a / followed by a number ranging from 8- 31 describes the mask arrangement. Using CIDR, a network

address can be divided up in any one of the bbb.ccc.ddd groups. That allows a more flexible addressing scheme and

simpler routing tables. An example is 200.20.30.0/23, which gives us 1 subnet with 510 hosts. Using a conventional mask

would require 2 class C networks (200.20.30.0 and 200.20.31.0) and 2 routing table entries to direct the routing traffic.

CIDR reduces the number of entries in a routing table by representing a sequential group of separate networks with a

single network address. Remember CIDR = many to one.

Mask

Subnets

Range

Class

B

Range

Class

C

Classless

Internet

Domain

Routing

(CIDR)

Bit Value

0

1

65536

256

8, 16, 24

0000.0000

128

2

32786

128

9, 17, 25

1000.0000

192

4

16384

64

10, 18, 26

1100.0000

224

8

8192

32

11, 19, 27

1110.0000

240

16

4096

16

12, 20, 28

1111.0000

248

32

2048

8

13, 21, 29

1111.1000

252

64

1024

4

14, 22, 30

1111.1100

254

128

512

2

15, 23, 31

1111.1110

* Class A & B only, not applicable for class C

Subnet Masks: Class Mask value

A 8-15

B 16-23

C 24-31

Joe Richker Page 7 8/8/2008

jrichker@yahoo.com

Variable Length Subnet Masks (VSLM)

VLSM uses the same / notation that CIDR uses, but operates in a different manner. CIDR collects groups of networks

together in a single commonly addressed network. VLSM allows you to subdivide existing subnets into smaller subnets

with fewer hosts per subnet. Remember VLSM = one to many.

Using VSLM with what would normally be a class A address allows finer control over network management:

10.20.30.0/25 gives us 2 networks with 126 hosts. Compare that with the normal class A structure (10.0.0.0, mask

255.128. 0.0) that would consume 83,886,086 hosts on 2 networks. As you can see applying controls to a small group on

hosts is easy and clean to do, without a lot of messy overlap into unneeded host areas. It also allows us to subdivide large

subnets into smaller, easier to use segments.

Consider the network 200.200.200.0 /24: you have 5 groups of users. One group has 100 users and 3 groups have 25 each.

VLSM can break this into 2 groups of 126 users using the subnets 200.200.200.0/25 and 200.200.200.128/25. Using

VLSM to further divide 200.200.200.127/25, we get:

200.200.200.128/27, 30 useable hosts

200.200.200.160/27, 30 useable hosts,

200.200.200.192/27, 30 useable hosts

AND

200.200.200.224/28, 30 useable hosts, which can be further subdivided for use for router & switch interfaces.

Consider one router with 6 interfaces and 5 switches with 1 IP address each.

200.200.200.224/29, 6 useable hosts. – Router IP’s

200.200.200.232/30, 2 useable hosts – Switch #1

200.200.200.236/30, 2 useable hosts – Switch #2

200.200.200.240/30, 2 useable hosts – Switch #3

200.200.200.244/30, 2 useable hosts – Switch #4

200.200.200.248/30, 2 useable hosts – Switch #5

As you can see, there is very little waste using VLSM to subdivide subnets.

## Σχόλια 0

Συνδεθείτε για να κοινοποιήσετε σχόλιο